#! /bin/bash
# erzeuge ein neue key in batch mode
# - outform: format der output 
#   + pem: output als base64 ASCII
#   + der: binaere Format
# - csr steht fuer Certificate Signing Request
# - long subject:
# C=de, ST=saar, L=saar, O=htwds, OU=krypto, CN=krypto-institute.htw-saarland.de/emailAddress=hpb at htwds de
echo "*************** make new key *******************"
openssl req -outform PEM -keyform PEM -sha1 -newkey rsa:2048 \
-keyout private_key_enc.pem -out server.csr \
-batch -passout pass:123456 \
-subj "/C=de/ST=saarland/L=saarbruecken/O=htwds/OU=krypto/\
CN=krypto-institute.htw-saarland.de/emailAddress=hpb at htwds de"


echo "info in server.csr:"
openssl req -in server.csr -text -noout

echo "************** remove pass in key *************"
openssl rsa -passin pass:123456 -in private_key_enc.pem -out private_key.pem
